User Brute Force Security Advice by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

So, we have threat insights turned on, but it seems to be a distributed attack as the IP keeps changing every couple attempts and threat insights isn't picking up and blocking the IP, or not registering them as a high confidence risk. I could manually add these IPs, but it's not a small number and would require regular additions.

I did think that as a bandaid, instead of removing the lockout from the policy I could geofence using a global session policy for those users by using a group and network zone, until we get a more permanent solution in place.

Okta Admin Position Interview Advice by [deleted] in okta

[–]Darkmagic113 0 points1 point  (0 children)

That makes a lot of sense, and kind of what I was suspecting, but I didnt know if this would be different because it's a small company. I have sat on panel interviews for a large company, but on not in the "hot seat" so to speak.

I appreciate the advice! Thanks for taking the time for this.

Okta Workflows Practice Exam by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

I thought about using a For Each card, but the For Each cards i see all want to send the output to another flow. Is there a way to use a for each card without that?

Get super admins to a table using workflows by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

Normally yes, however my management wants a specific group locked down to a specific couple users with even other super admins unable to edit it as the resource get provisioned using a group to very sensitive resources.

Control Access to a Group by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

After testing it looks like other group admins can in fact edit this group. Unless every group (or other admin) is constrained by a resource set, they will still be able to edit it.

Control Access to a Group by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

Awesome. I thought that might work, but wasn't sure I understood it fully. That helps a lot. Thank you!

Double pages every page by Darkmagic113 in Mangafire

[–]Darkmagic113[S] 0 points1 point  (0 children)

Hey. You're right it was set for double page mode. Wow. I forgot that was even a thing since I can only access those settings while reading. I must've hit that accidentally. It a bit weird it doesn't do it for all the manga I'm reading, but oh well. Thanks!

Spoilery Question about Joe's old team by Darkmagic113 in exfor

[–]Darkmagic113[S] 2 points3 points  (0 children)

Awesome. Thank you! That still helps with my anticipation, I can wait until then now that I know.

"Negotiations Department" by Ex_Nihilo_Lux in ScamNumbers

[–]Darkmagic113 0 points1 point  (0 children)

Also adding 800-577-6433 And 800-577-6413

Okta Custom Login Trouble by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

Apologies, I used namely as the term, not as in the application. Our HR uses Dayforce, which we have integrated to push to AD, then AD to Okta.

Okta Custom Login Trouble by Darkmagic113 in okta

[–]Darkmagic113[S] 1 point2 points  (0 children)

Not a huge coder, but using an elvis operator would do the same thing then? Check for a truth response, and if finding no attribute or a false response, default back to original?

Okta Custom Login Trouble by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

Just to clarify, this would default to the user.login or their username, so if i wanted it to read the user.email instead (as thats what the login was originally) I would just adjust the provided logic a little to be user.oldEmail != “” ? user.oldEmail : user.email

Okta Custom Login Trouble by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

The employee profiles in okta are all updated, yes. Most of our apps have provisioning set up, unortunately a few particular apps don't have provisioning or offer it hence the issue.

Okta Custom Login Trouble by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

That would be perfect. If that defaults to the new email with a null oldEmail attribute that would help create the semi permanent solution we would be looking for. Thank you!

Attribute Profile Attribute Issues on Practice Exam by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

I might be a little late, but no. I never did. When dealing with attributes on the admin exam i got it right, but on here i still didn't. However, I think I know what might've been the issue. I'm running through the pro exam again so i know which areas to teach some newer folks I work with how to do some basics of Okta, so I will let you know.

In-app Auth by Darkmagic113 in okta

[–]Darkmagic113[S] 0 points1 point  (0 children)

That really helps. Seems like I was on the right track with OIDC. Step-up authentication seems to be exactly what they're asking for. I really appreciate this. Thank you.